Cyber Security report
The Department of Culture, Media and Sport (DCMS) released its report into cyber security this month. It looked at the TalkTalk cyber attack reported in October 2015 alongside the broader issues of cyber security and data protection. The ICO gave evidence to the committee and will be issuing a formal response over the coming months.
Whilst the report primarily focuses on the telecommunications and internet provider TalkTalk and the attack on Wednesday 21 October 2015, it's interesting to see some facts and figures contained within the background:
Cyber-crime is a significant and growing problem and affects all sectors with an on-line platform or service. As the British Business Federation Authority said in their evidence to the Committee:
The TalkTalk incident is one of many that have happened and continue to happen. To consider it in isolation of others would be misleading. The overall context is complex and changing fast... The problem space is international.
The Federation of Small Businesses (FSB) said that a third of their members had been the subject of cyber-crime.
The recently published Cyber Security Breaches Survey 2016 commissioned by the Department for Culture, Media and Sport (DCMS) found that 25% of companies experience a cyber-breach at least once a month.
Research from Intel showed that 43% were caused by internal actors (employees, contractors and third party suppliers) and half of these were accidental.
49% of companies are accredited to the Government?s Cyber Essentials and Cyber Essentials Plus scheme, or are on their way to accreditation.
In the year to March 2015, the ICO received 14,368 "concerns" under the Data Protection Act and around 180,000 under the Privacy and Electronic Communications Regime.
The government have published "Ten Steps to Cyber Security" and there's a useful infographic (see below) and is provided as guidance is for organisation looking to protect themselves in cyberspace.
We work with a variety of different organisations, both in the public and private sector and are amazed at the lack of knowledge of these threats or their responsibility, in terms of data protection. It's an area that all organisation should take very seriously. If you would like to know more get in touch with our offices and we'll be happy to have a chat and point you in the right direction. We constantly strive to ensure our applications are secure, but this is undermined if internal policies aren't in place.